Cyber Security in the Energy Sector

The dependency of today’s digitised and interconnected global economies on the energy sector has made it an attractive target for cybercriminals.

Several recent high-profile cyber-attacks have been designed specifically to damage and disrupt critical infrastructure, so protecting providers of essential services is of paramount importance.

Common cyber security challenges in the energy sector include

  • •   Maintaining continuity of essential services and operations
  • •   Reducing cyber risks across the energy supply chain
  • •   Building cyber resilience into antiquated network infrastructure
  • •   Managing risks posed by Internet of Things devices like smart meters
  • •   Balancing continuous digitisation and interconnectivity with security
  • •   Demonstrating security commitments in line with new NIS Regulations
  • •   Preventing and eliminating ransomware attacks
Key security questions for energy companies
  • •   How often are Industrial Control Systems tested for vulnerabilities?

  • •   Are suitable controls in place to prevent sophisticated threats?

  • •   Are systems able to identify threats that bypass the perimeter?

  • •   Is there a plan in place to detect, remediate and report breaches?

  • •   What systems and controls are in place to mitigate insider threats?

  • •   How are security risks in the supply chain managed?

  • •   Is payment processing PCI DSS compliant?